Even if you have a relatively small website, it is likely that you eventually have to deal with hackers. One of the most common methods of hacking is the brute force attack – here hackers will cycle through numbers and letters to try to crack your password. It has happened to WordPress users in recent memory, so it is important to be prepared as much as possible.
The reason that these brute force attacks were successful encompasses a number of different factors. First, you have unlimited login attempts with the WordPress platform. This means that brute force hackers can continue to try until they gain access or are detected. While there is not much the average user can do about this, you can use different tactics to make your site more secure against these hackers.
Update your username
Be honest, how many people still use “admin” as their WordPress username? You receive this automatic username when you set up your account for the first time. Recent attacks consistently use the “admin” username to gain access. If they know the username, they only have to crack the password in order to gain access
The solution is straightforward – change the username. Make it something unique so you protect the hard work that you put into your site. The easier it is to guess your username, the easier it is for them to gain access. Make sure to avoid the following names as well:
- Your first name – “Mike” for example
- Your first name and last name – “MikeSmith” for example
Focus on your password
You have probably received countless lectures on password complexity. However, you can really protect your content management system from outside sources by having a good, strong password. Remember that these attacks do not last minutes, they can last hours, days, maybe even weeks – the easier you make your password, the easier it is to get in. Follow these rules and improve your security:
- Do not use any real words to base your password off of
- Make sure that you have 8 characters or more in your password
- Make sure that you use both upper and lowercase letters, and symbols and numbers.
Chances of having problems with a changed username and strong password are slim to none. This is the best way to make sure that you protect your WordPress against possible brute force attacks.